In the Budget 2023, the finance minister highlighted the importance of digitalisation and announced several initiatives to support this objective. Launched in 2015, this is the 8th year of the ‘Digital India’ mission. This umbrella program, constantly pushed by the government, has slowly added several tools to its kitty. Beginning with Aadhaar, and now expanding to every aspect of life with CoWin, E-Sharm, MyGov.In, Digi Locker and more, ‘Digital India’ has come a long way. 

An essential part of any process of digitalisation is collecting and storing data. If we look at all the aspects of Digital India venture, the Indian government is in control of a mindblowing amount of data. And it’s not stopping. With every new initiative, it is going way ahead to mine more details of the citizens’ lives. As part of this year’s outlay for digital India, the govt has announced Digital public infrastructure for agriculture, a new National Data Governance policy and developing a national cooperative database to map cooperative societies across the country. So previously inconceivable areas are also falling into the fold of digitalisation. 

The question is all this data collection serving its purpose? 
Substantial evidence suggests that instead of aiding welfare schemes, Aadhaar has wrecked them. A recent ruling has mandated that all NREGA payments be done through the Aadhaar-Based Payment System, in spite of just 43% of NREGA workers being eligible for ABPS. To use ABPS, the worker has to link their Aadhaar card, job card and bank accounts together with the app. After linking the Aadhaar card, it has to be authenticated, only then the workers can be paid by ABPS. Now several issues can lead to the failure of authentication, first, there has to be a proper KYC, and verification of demographic information. The worker has to resolve any inconsistencies between Aadhaar data, and the Job card as well as their bank accounts. Even for an educated person, going through a slew of documentation is quite cumbersome, now imagine the same for an illiterate person or a migrant. That’s why several workers simply opt for direct bank transfers. 

An investigation team from the Tribune found in 2018 that Aadhaar data could be procured for as little as Rs. 500. Last year, the website of PM-Kisan, was found to be leaking Aadhaar data of over 110 million farmers. 

The CoWIN portal certainly helped people register for vaccinations during the pandemic, but do you know that it also helped the government create digital health accounts of people without their consent or knowledge? Similarly, all those who joined Pradhan Mantri Jan Arogya Yojana and gave their Aadhaar numbers found themselves with an Ayushman Bharat Health Account. It may be a good idea to create health accounts, but without proper data protection measures, they can put citizens in a vulnerable position as there is a thin line between public good and individual rights. Only 5% of private hospitals have registered on the portal, which essentially aims to map doctors to patients. Doctors are wary of it and worry that digital prescriptions could be misused. Similarly, there are concerns about the protection of sensitive data of patients with HIV, tuberculosis, and psychiatric conditions. Apart from cyber breaches, what if your health data which includes your gender, your address your age and other sensitive information, land in the hands of private pharma industry or corporates? It could be used by these companies to predict trends and target particular patients with their advertisements for medicines and tests. 

Around 50 government websites were hacked, and 8 data breaches took place in 2022, reported IT minister Ashwini Vaishnaw to the Rajya Sabha recently. We also saw the massive malware attack on the prestigious All India Institute of Medical Sciences in December last year, which left the hospital struggling to manage its patients. 

India is the 7th most cyber-breached country in the world, as per a report by Surfshark, a VPN provider. This is certainly a cause of concern, as we don’t have any data privacy law in place. And if the government itself misuse your data, you have no place to plead your case. 

If the data generating exercises aren’t helping people in the way they are supposed to but on the contrary are robbing them of their privacy and making them vulnerable, who is this data for?

The government often seems like a benign collector of data, compared to the private players. In a 2017 interview, Nandan Nilekani was asked abouthe difference between an ecosystem developed by government versus a private company. First, he praised the private ecosystem for its time and efficiency and then went on to elaborate that if the govt ventures in such a project- 
‘it should be too big to reverse…..The second principle in this whole thing is make sure it’s embedded in as many applications as possible.’ Indeed, Aadhaar follows both these principles. And ever extending its scope, today it is linked to virtually everything, the latest being mandatory linking with PAN or the PAN card will become useless. So basically the government is keen on creating a very wide, complex set of data from the start. Gathering data in itself is not the problem, in fact, used wisely, it could help in efficiently delivering a number of schemes. But the problem arises because it gives control of all your data to a governmental system without an accountability mechanism. 

In his book Chokepoint Capitalism, Cory Doctorow explains that big tech corporates didn’t become big on the basis of innovation alone, they became big because they could buy out competitors when they were small, and ended up as a monopoly. A similar thing could be said about data amassing. When the data becomes too huge and in the sole hands of the government, it is bound to create an all-powerful surveillance state. And if the government compromises with the data, it would end up in the hands of big tech companies in one way or the other, especially as we increasingly become aware of the powers of big tech to influence behaviours. We have seen firms like Cambridge Analytica using Facebook data to predict voter trends and push politically targeted advertising in coalition with political parties. Imagine what they could do if they get hold of vast government data. 

Human Rights activist and Legal researcher, Usha Ramanathan has been tracing the journey of Aadhaar since its inception. She has detailed how private entry was always desirable. In fact, as per the TAG-UP (Technology Advisory Group for Unique Projects) report chaired by Nandan Nilekani in 2011, there was a plan to privatise government data through the creation of National Information Utilities (NIUs) which would be private companies with public purpose, and would own the data collected with the use of government authority. She wrote in 2013 about how the data collected from Aadhaar would be “sold back to the government through specially created, privatised, for-profit utilities”. 

Usha Ramanathan: See, the first thing to remember for me was that this when they said UID is an identity, it was very quickly they said it’s actually an identification system. And then when the case was going on in the court in 2018, January, Mr. Nilekani wrote in the papers… in Hindustan Times that this is, you know, it’s not really about delivering services to the various people, it is about creating a digital infrastructure. Now, the digital infrastructure is like roads, he said, roads are built and anyone can go on those roads. So this digital infrastructure that’s being created should be something that anybody can use.

So the data that is being generated by all of this … is data that anyone should be able to use to create more businesses, to create, whatever, for profit. In 2013, they were still looking at the possibility of the UIDAI becoming what they called the National Information Utility, which meant that there would be a private company set up for that purpose, and the UIDAI, would then become… all the data that they have… all that is created will become part of that National Information Utility. That didn’t happen because when Mr. Modi came in initially, they said they are going to trash this whole thing. And then according to Mr. Jaitley… they had Mr. Nilekani met Mr. Modi and then they just decided over the meeting that they were going to spread it across the whole country so that, you know, the idea changed. But in the meantime, the GSTN Goods and Services Tax Network had already been established as a national information utility and you will find that it is even today. In between, there was a brief file where Mr. Jaitely was also there. They were asking that the Goods and Services Tax network should become the government and then we don’t know what happened, but they allowed it to continue the way it was. But the data now is shared by them. So one makes profit from it, the other uses it to keep tabs on people. And this is the agreement, I mean, this seems to be the arrangement between them.

In its renewed avatar, Digital India has extended its scope to agriculture and co-operatives, a few areas which had so far enjoyed some autonomy from the clutches of the big data storm. As per the FM, the digital public infrastructure for agriculture would be an open-source platform with support for crop planning and health, improved access to farm inputs, credit, and insurance; it will help with crop estimation, market intelligence, and also for the growth of agri-tech industry and startups. Though the idea may be well-meaning, it is important to recall that it completely sidelines the actual demands of the farmers on legal guarantee of MSP, crop insurance, reduction of input costs and steady availability of inputs like fertilizers. Is the government trying to fill the actual policy and infrastructure gap with data solutions? 
Moreover, with the Public-Private Partnerships already initiated under this scheme, wouldn’t all data generated automatically go to the private players as well? Without a firm guarantee of protection of user data by the government, we don’t know what end use it would be put to. What if using information like, farm sizes, debt on the farmer and comparative prices of crops, big corporates or agri-startups coerce farmers to produce their desired crop? They can easily do this especially when they use enhanced AI tools and get hold of financial data through other sources. There have been several instances of farmers being duped by traders and companies despite contracts. Like the case in Madhya Pradesh, where a private company duped 200 farmers after failing to provide the promised drumstick saplings to them. The farmers had paid Rs.20,000 per acre for the saplings, but the company simply stopped taking their calls and fled away with their money. 

Usha Ramanathan: They have now again in Economic Times of 22nd February, they have a thing, India to push sharing of info on property, digital assets at G20. So they want this to become information that will move across borders. And what is the reason they give? Because this will help in detecting tax evasion and tracing terror financing in a better way. So the thing is, you take the money and you go and buy land somewhere else. So to track that, we want to share all this information. Now, if you look at something like the Land Titling Bill, which will be applicable to farmers too, because they’re saying every property will have a unique property Identification number, then every farmer will have a unique farmer’s Identification number that will be linked up with this will be linked up with UID.

I mean, this, by the way, is the other absurd thing. They said that the UID will be… you won’t need any other IDs after that. Not only are they creating a multiplicity, they are now advising people to go and re-enroll because it’s ten years since you’ve enrolled. So any change in the status of land, if it is mortgaged, if it’s under debt in any kind of circumstance, if it has to be partitioned, if there is any dispute on it, all of this has to be reported to that system. So it becomes… it’s bringing everything to the market. It’s not dealing with people as people at all. It’s not dealing with farmers as farmers.

Meanwhile, a new data protection bill is underway. Drafted by the Ministry of Electronics and Information Technology the Digital Personal Data Protection (DPDP) Bill aims to protect the personal data of the citizens while recognising their rights. But experts and activists point out that it suffers from several faults. One, it dilutes the RTI Act, and makes information opaque which could go against the principles of democracy. For example, imagine without transparency, how would you know which of the eligible students received government scholarships? The Data Protection Bill also has provisions that allow all entities to be exempted from the bindings of the bill by merely issuing due notifications. 

When the government is sitting on a large amount of data gathered by the might of its authority, it is not going to give its power away. A weak data protection bill actually might be in the favour of the government and big corporates. We cannot forget the case of Cambridge Analytica. Our data in the hands of for-profit corporates would not only put the issues of privacy at risk but could endanger the ethos of democracy. Digital India comes with great promises of efficiency and maximum governance, but without clear, transparent data protection laws it is not going to serve its purpose. 

Thank you for listening to You, Me and the Economy. Now you can listen to this podcast on your favourite podcast app; find us on SpotifyAmazon MusicGoogle Podcast, and Hubhopper!

Thank you for listening to You, Me and the Economy. Now you can listen to this podcast on your favourite podcast app; find us on Spotify, Amazon Music, Google Podcast, and Hubhopper!